<?php

/**
 * @author Invisible Man
 * @copyright 2013
 */
 require('config.php');
 require('lib/db_connect.php');
if (!isset($_POST['user']) || !isset($_POST['content'])) {
    echo 'error';
} else {
    $user = $_POST['user'];
    $content = addslashes($_POST['content']);
    $time = time() + $time_gmt*3600;
    $id = $_POST['id'];
    if ($user == "" || $content == "") {
        echo 'blank';
    } else {
        $query_insert = "INSERT INTO item_comment(comment_user, comment_content, comment_date, item_id) VALUES('$user', '$content', $time, $id)";  
        mysql_query($query_insert, $con);
        $query ="SELECT * FROM item_comment WHERE item_id=$id";
        $result = mysql_query($query, $con);        
        while ($row = mysql_fetch_assoc($result)) {
            echo '<div class="comment_content">
                                    <h6>' .$row['comment_user']. '</h6>
                                    <div class="comment_detail">' .$row['comment_content']. '</div>
                                    <div class="comment_date">' .date("d/m/Y", $row['comment_date']). '</div>
                                </div>';
        }  
    }
                    
}


?>